Microsoft Office CVE-2019-1264 Security Feature Bypass Vulnerability

description-logoDescription

A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince a user to open the document file and interact with the document by clicking a specific cell. The update addresses the vulnerability by correcting how Microsoft Office handles input.

affected-products-logoAffected Applications

Microsoft Project 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 x64
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2019 for 64-bit editions
Microsoft Project 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2019 for 32-bit editions
Office 365 ProPlus for 32-bit Systems
Microsoft Project 2010 Service Pack 2 (64-bit editions)
Microsoft Project 2016 x64
Microsoft Office 2016 x86
Office 365 ProPlus for 64-bit Systems
Microsoft Project 2016 x86
Microsoft Project 2013 Service Pack 1 (64-bit editions)

CVE References

CVE-2019-1264